link.send.firmennews.de Open in urlscan Pro
83.137.116.152 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280
Submission: On December 01 via api (December 1st 2023, 11:14:35 am UTC) from ES — Scanned from DE

Summary HTTP 12 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 83.137.116.152, located in Vienna, Austria and belongs to NESSUS, AT. The main domain is link.send.firmennews.de.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.

This is the only time link.send.firmennews.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	83.137.116.152 83.137.116.152	47692 (NESSUS) (NESSUS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.98.130 104.17.98.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	5

2 83.137.116.152 (Vienna, Austria)

ASN47692 (NESSUS, AT)
PTR: ip083137116152.rev.nessus.at

link.send.firmennews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sf40.sendsfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

offers.indeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.98.130 (None, )

ASN13335 (CLOUDFLARENET, US)

na-sjint.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	indeed.com offers.indeed.com — Cisco Umbrella Rank: 100323	192 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	sendsfx.com sf40.sendsfx.com	232 B
1	marketo.com na-sjint.marketo.com — Cisco Umbrella Rank: 408327	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	firmennews.de link.send.firmennews.de	9 KB
12	6

	Domain	Requested by
7	offers.indeed.com	link.send.firmennews.de
1	fonts.gstatic.com	fonts.googleapis.com
1	sf40.sendsfx.com	link.send.firmennews.de
1	na-sjint.marketo.com	link.send.firmennews.de
1	fonts.googleapis.com	link.send.firmennews.de
1	link.send.firmennews.de
12	6

This site contains links to these domains. Also see Links.

Domain
sf40.sendsfx.com

Subject Issuer	Validity	Valid
sf40.sendsfx.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
offers.indeed.com Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
na-sjint.marketo.com Cloudflare Inc ECC CA-3	`2023-08-08` - `2024-08-07`	a year	crt.sh
*.sendsfx.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-24` - `2024-05-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280
Frame ID: D35661B8DAD37EDCA9F64BEF8198A9E0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indeed

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

245 kB
Transfer

297 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://sf40.sendsfx.com/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&L=150&N=23280
Title: hier

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=1539988&F=H

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=1540010&F=H

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=1540006&F=H

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=303092&F=H
Title: Impressum

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=303093&F=H
Title: Zum Kontaktformular

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/link.php?M=18745182&N=32529&L=303094&F=H
Title: www.firmennews.de

Search URL Search Domain Scan URL

URL: https://sf40.sendsfx.com/unsubscribe.php?&M=18745182&N=32529&L=150&C=be102e605095220e93be3dc4f3f98f5d
Title: hier

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request display.php Show response
link.send.firmennews.de/ 60 KB
9 KB 387ms
247ms Document
text/html 83.137.116.152
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.137.116.152 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip083137116152.rev.nessus.at
Software: Apache/2.4.25 (Debian) /
Resource Hash: e87397ba723e6adc47a9e2395b5c2f378fc682f1f06d6b381c74f6ae63ab038b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9415
Content-Type: text/html; charset=utf8
Date: Fri, 01 Dec 2023 11:14:30 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

098d5671fe5bd7e95f65a70a54157198ad4e8a0b6f6662f5e7929c012fdafd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 11:14:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 11:01:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 11:14:31 GMT

GET
H2 200 transparentGif.gif
offers.indeed.com/rs/699-SXJ-715/images/ 1 KB
2 KB 348ms
233ms Image
image/gif 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/transparentGif.gif

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bffdcee3237b565701a63c9cdd9200aeb3f87dfbd91f0385e745def68bed0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 07 Oct 2023 01:36:06 GMT
server: cloudflare
etag: "9007d8-447-607166177a22e"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8e7453a-TXL
content-length: 1095
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 DE_de_Logo_ForEmployers_RGB_Color_Horizontal.png
offers.indeed.com/rs/699-SXJ-715/images/ 12 KB
12 KB 347ms
234ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/DE_de_Logo_ForEmployers_RGB_Color_Horizontal.png

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d2116bf584b755a85cbefb40c4a2a1311dbdefa3670e05bcaaa8d5e2197d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 09 Oct 2023 10:08:07 GMT
server: cloudflare
etag: "2822338-2ffc-60745c44a95be"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8eb453a-TXL
content-length: 12284
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 DE_de_110123_SMBATPE_EM_AM.jpg
offers.indeed.com/rs/699-SXJ-715/images/ 77 KB
78 KB 384ms
270ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/DE_de_110123_SMBATPE_EM_AM.jpg?version=0

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d545ee5d664ded6f4959f3e2718abc9bb645db665753e5f2c07b70559afe641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Wed, 01 Nov 2023 17:59:15 GMT
server: cloudflare
etag: "2823795-135fa-6091b078e92dc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8e3453a-TXL
content-length: 79354
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 DE_de_110123_SMBATPE_EM_AM.jpg
offers.indeed.com/rs/699-SXJ-715/images/ 77 KB
78 KB 354ms
240ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/DE_de_110123_SMBATPE_EM_AM.jpg

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d545ee5d664ded6f4959f3e2718abc9bb645db665753e5f2c07b70559afe641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:52:37 GMT
server: cloudflare
etag: "902b60-135fa-6091aefcc5a63"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8e5453a-TXL
content-length: 79354
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 GLOBAL_Icon_Candidates_70x75.png
offers.indeed.com/rs/699-SXJ-715/images/ 6 KB
6 KB 488ms
375ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/GLOBAL_Icon_Candidates_70x75.png

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e17d261f5324d3f2d705955b3e9b5295f5cfdc6009cca033e255c77d8a9248f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 07 Oct 2023 03:29:54 GMT
server: cloudflare
etag: "900cbb-18be-60717f8709f00"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8e9453a-TXL
content-length: 6334
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 GLOBAL_Icon_Webpage_80x65.png
offers.indeed.com/rs/699-SXJ-715/images/ 4 KB
4 KB 383ms
270ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/GLOBAL_Icon_Webpage_80x65.png

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051075130c6e92d2f861c4c44eb40c2d3cdf0d29ca83767b6196fa395598d34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 07 Oct 2023 03:29:54 GMT
server: cloudflare
etag: "282180c-e7b-60717f870803c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae830e8ed453a-TXL
content-length: 3707
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 GLOBAL_Icon_Select_70x78.png
offers.indeed.com/rs/699-SXJ-715/images/ 12 KB
12 KB 250ms
250ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.indeed.com/rs/699-SXJ-715/images/GLOBAL_Icon_Select_70x78.png

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5b0f6c3ff15c05fdc136d39d9b31cd6756cb3f22c89f7e6450227121b67a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 07 Oct 2023 09:36:31 GMT
server: cloudflare
etag: "900fb8-2e4e-6071d17947ac8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae831092b453a-TXL
content-length: 11854
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H2 200 ftf_arrows.png
na-sjint.marketo.com/images/icons/ 3 KB
3 KB 553ms
240ms Image
image/png 104.17.98.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://na-sjint.marketo.com/images/icons/ftf_arrows.png

Requested by

Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.98.130 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:14:31 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 01 Dec 2023 08:32:12 GMT
server: cloudflare
etag: "109b19c0-ca8-60b6e9ad19b00"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 82eae8323900bf88-WAW
content-length: 3240
expires: Fri, 01 Dec 2023 11:15:31 GMT

GET
H/1.1 200
OK open.php
sf40.sendsfx.com/ 43 B
232 B 191ms
75ms Image
image/gif 83.137.116.152
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf40.sendsfx.com/open.php?M=18745182&L=150&N=32529&F=H
Requested by: Host: link.send.firmennews.de
URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.137.116.152 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip083137116152.rev.nessus.at
Software: Apache/2.4.25 (Debian) /
Resource Hash: dd5bdccb831d1b19c505bd3e67553f6049cea2e20dba7eb231a02ed0103e521f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.send.firmennews.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 11:14:31 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 43
Content-Type: image/gif

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ 39 KB
39 KB 129ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link.send.firmennews.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:31:53 GMT
x-content-type-options: nosniff
age: 81758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39552
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:09:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:31:53 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.offers.indeed.com/	1970-01-20 16:37:11	Name: __cf_bm Value: Ze7.NYWc2L_nygHlAXrzoEKzClaENk7o7qB6uDPhSYs-1701429271-0-AWm+bDgvL5lXepOJ2GDOFJhE0I/8JEocwa4Zjoz9xuRGshlSe+/kOkIN1YDQscsdS0X0WoRz/kzPhqs0Z40FtfY=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280 Message: Mixed Content: The page at 'https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280' was loaded over HTTPS, but requested an insecure element 'http://offers.indeed.com/rs/699-SXJ-715/images/transparentGif.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280(Line 899) Message: Mixed Content: The page at 'https://link.send.firmennews.de/display.php?M=18745182&C=be102e605095220e93be3dc4f3f98f5d&S=32529&L=150&N=23280' was loaded over HTTPS, but requested an insecure element 'http://offers.indeed.com/rs/699-SXJ-715/images/transparentGif.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
link.send.firmennews.de
na-sjint.marketo.com
offers.indeed.com
sf40.sendsfx.com
104.17.74.206
104.17.98.130
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
83.137.116.152
051075130c6e92d2f861c4c44eb40c2d3cdf0d29ca83767b6196fa395598d34b
098d5671fe5bd7e95f65a70a54157198ad4e8a0b6f6662f5e7929c012fdafd89
6e17d261f5324d3f2d705955b3e9b5295f5cfdc6009cca033e255c77d8a9248f
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
7d545ee5d664ded6f4959f3e2718abc9bb645db665753e5f2c07b70559afe641
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
b7bffdcee3237b565701a63c9cdd9200aeb3f87dfbd91f0385e745def68bed0c
dd5bdccb831d1b19c505bd3e67553f6049cea2e20dba7eb231a02ed0103e521f
df5b0f6c3ff15c05fdc136d39d9b31cd6756cb3f22c89f7e6450227121b67a2f
e87397ba723e6adc47a9e2395b5c2f378fc682f1f06d6b381c74f6ae63ab038b
f4d2116bf584b755a85cbefb40c4a2a1311dbdefa3670e05bcaaa8d5e2197d08

link.send.firmennews.de Open in urlscan Pro 83.137.116.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

245 kBTransfer

297 kBSize

1 Cookies

8 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

link.send.firmennews.de Open in urlscan Pro
83.137.116.152 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

245 kB
Transfer

297 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions